groupboard

Cloudflare spam is a problem again, because the main spammer ("James Wilson") who is sending 99% of our inbound spam through cloudflare domains is now using older domains rather than day-old ones. The solution seems to be to put a 15 minute delay into our spam filter if it is a cloudflare-hosted domain ("whois $domain | grep -i cloudflare" returns 0). This gives the ip address time to show up on the various blacklists.

It seems to have suddenly become a major problem in the last week or so. Now about 90% of our spam is hosted through cloudflare. Reporting the spams doesn't help -- the domains are never removed from cloudflare. Cloudflare themselves don't really seem to give a crap...lots of people complaining to them on twitter, but they don't seem to care. They just say they're not hosting it, and direct people to report it via the web form (which they then just ignore). I just implemented a change to our spam filter yesterday, which has completely resolved the issue: I now block all emails coming from domains registered less than 7 days ago. (I don't specifically check for hosting on cloudflare, as this should kill spams from elsewhere as well). If anyone wants the perl function, let me know.

I have just reported a spammer to Amazon SES for the 3rd time in 3 months. They say that "SpamCop has very strict but often opaque requirements for staying delisted". I don't think that is the case. I think you just need to get off your lazy ass and actually do something about spam reports, Amazon. It's kind of ridiculous thinking you can run a bulk email service on a few ip addresses and not bother dealing with spam reports until you get blacklisted.